CN110784472B - Forward safe certificate-free anonymous authentication method under V2G environment - Google Patents


Info

Publication number
CN110784472B
Authority
CN
China
Prior art keywords
lag
authentication
key
parameters
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911049886.8A
Other languages
Chinese (zh)
Other versions
CN110784472A (en)
Inventor
王青龙
姚谷笛
张凯莉
段宗涛
樊娜
朱依水
王路阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Dragon Totem Technology Achievement Transformation Co ltd
Original Assignee
Changan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changan University filed Critical Changan University
Priority to CN201911049886.8A priority Critical patent/CN110784472B/en
Publication of CN110784472A publication Critical patent/CN110784472A/en
Application granted granted Critical
Publication of CN110784472B publication Critical patent/CN110784472B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a forward-secure certificateless anonymous authentication method for the V2G environment. Although neither the EV nor the LAG uses a certificate, each can verify the legitimacy of the other and establish a session key, which achieves mutual authentication between the EV and the LAG. The EV needs only the private key information distributed by the TA, and its processing of that information, to prove during communication that it is a legally registered EV; it uses no certificate, and neither does the LAG, so the invention has no complicated certificate updating and management process.

Description

Forward safe certificate-free anonymous authentication method under V2G environment
Technical Field
The invention belongs to the technical field of V2G (vehicle-to-grid) security, and particularly relates to a forward security certificateless anonymous authentication method under a V2G environment.
Background
Vehicle-to-Grid (V2G) technology combines the smart grid with electric vehicles (EVs): by sharing the storage capacity of the batteries on board, a group of EVs can serve as an energy storage source that regulates load fluctuations in the grid, so that power is supplied more effectively. To ensure that only legitimate EVs participate in the V2G system, the system needs to authenticate the identity of each EV. The wireless network between the EV and the grid in V2G is an open network and is vulnerable to various network attacks such as forgery, impersonation and association attacks, so the private information of an EV user (such as the identity information ID, battery capacity, battery State of Charge (SoC), current location, and charging and discharging status) may be completely exposed to an attacker, which poses a serious security risk to the EV user. The V2G system must therefore provide secure authentication to protect the transmission and privacy of data between the EV and the other entities.
In existing certificate-based V2G anonymous authentication schemes, authentication between an EV and the power grid is completed through a valid certificate issued by a TA. To protect the privacy of the EV, a certificate can be used only a limited number of times and must therefore be updated periodically, which forces the system to perform complex certificate management.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a forward-secure certificateless anonymous authentication method for the V2G environment in which neither the EV nor the power grid uses any certificate, thereby avoiding complex certificate management, effectively improving system operating efficiency and achieving secure transmission of messages.
The invention is realized by the following technical scheme:
a forward secure certificateless anonymous authentication method in a V2G environment comprises the following steps:
step 1, initializing a system and registering LAG;
step 2, EV registration: $EV_i$ provides its true identity $ID_i$ to register with the TA; if the identity of $EV_i$ is verified as correct, TA randomly selects a key
Figure BDA0002255067990000021
solves for the key parameters
Figure BDA0002255067990000022
satisfying
Figure BDA0002255067990000023
and stores $ID_i \| s_i$ in the tracking list TL; TA calculates the key
Figure BDA0002255067990000024
and sends the full key $x_{i1}, \dots, x_{in}, y'_i, s_i$ to $EV_i$ over a secure channel as its private key; $g$ is, in the multiplicative group
Figure BDA0002255067990000025
a primitive element of order $q$, $s$ is the EV master key, and $a_j$ is part of the system master key;
step 3, the EV authenticates the LAG:
step 3.1, when $LAG_i$ broadcasts a new authentication message Auth, $LAG_i$ randomly selects secrets
Figure BDA0002255067990000026
and calculates the parameters carrying the secret information
Figure BDA0002255067990000027
where $1 \le i \le n$; then $LAG_i$ broadcasts the message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$; here $g_s$ and $g_\eta$ are system parameters published during initialization, $a_i$ and $a_j$ belong to the same set of parameters and are part of the system master key, $h_\alpha$ is part of the LAG private key,
Figure BDA0002255067990000028
and $\eta$ is the revocation factor;
step 3.2, when $EV_i$ newly enters the communication area of $LAG_i$, $EV_i$ receives the authentication message Auth currently broadcast by $LAG_i$ and verifies it; if Auth is valid, step 3.3 is performed, otherwise the authentication process is terminated;
step 3.3, $EV_i$ randomly selects its own secrets
Figure BDA0002255067990000029
and calculates the verification parameters $c_0 = (t_0)^r$,
Figure BDA00022550679900000210
$c_4 = g^r$, $k = (t')^r$ and the signature information $\beta = HMAC_k(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$; $EV_i$ sends the authentication message $Auth = r \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time \| \beta$ to $LAG_i$;
step 4, after receiving the authentication message $Auth = r \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time \| \beta$ from $EV_i$, $LAG_i$ authenticates the EV and generates a shared key used for subsequent communication;
step 5, tracking the malicious EV: if an EV that has passed verification sends a malicious message, the LAG finds the corresponding record and, with the assistance of the TA, finds the real identity information of the corresponding EV.
Preferably, in step 1, the specific process of system initialization is as follows: TA generates bilinear parameters $(G, G_T, g, e, q, p)$ satisfying $q \mid p-1$, and TA randomly selects the system parameters
Figure BDA00022550679900000211
Let
Figure BDA00022550679900000212
$HMAC_k(x)$ is a secure message authentication code algorithm with key $k$, $H$ is a collision-resistant hash function, $E$ is a symmetric encryption algorithm, $D$ is the corresponding symmetric decryption algorithm, and $e(g,g)^\eta$ is a bilinear pairing operation; let the public key of TA be $pk_{TA}$ and the private key be $sk_{TA}$; TA keeps $\langle a_i, \theta, sk_{TA} \rangle$ secret and publishes the system parameters $\langle G, G_T, g, e, q, p, g_s, u_i, HMAC, H, g_\eta, e(g,g)^\eta \rangle$ and $pk_{TA}$.
Preferably, in step 1, the LAG registration process is as follows: for a newly added $LAG_i$, TA selects a random number
Figure BDA0002255067990000031
as its private key, then calculates the private key information and sends $\alpha$, $g_\alpha = g^{s+\alpha}$,
Figure BDA0002255067990000032
to $LAG_i$ over a secure channel.
Preferably, step 3.2 comprises the following steps:
step 3.21, after receiving the authentication message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$ from $LAG_i$, $EV_i$ checks the parameters
$t_1 = t_2 = \dots = t_n$ (1)
If it holds, the authentication is terminated; otherwise, step 3.22 is carried out;
step 3.22, $EV_i$ calculates and checks the parameters
$u_1 t_1 = u_2 t_2 = \dots = u_n t_n$ (2)
If it holds, the authentication is terminated; otherwise, step 3.23 is carried out;
step 3.23, $EV_i$ calculates the parameters
Figure BDA0002255067990000033
where
Figure BDA0002255067990000034
and then checks whether formula (3) is satisfied:
$e(t'', h'_\alpha) = e(g,g)^\eta$ (3)
If it holds, the authentication is terminated; otherwise, step 3.3 is performed.
Preferably, the specific steps of step 4 are as follows:
step 4.1, $LAG_i$ calculates $k' = (c_2)^R (c_3)^{\alpha(R+1)}$ and $\beta' = HMAC_{k'}(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$ and verifies the equation
$\beta = \beta'$ (4)
If it holds, go to step 3.42; otherwise, terminate the authentication;
step 4.2, $LAG_i$ calculates the parameters
Figure BDA0002255067990000035
and verifies the equations
$e(g, c'_0) = e(c_4, g_s)$ (5)
$e(c'_0 c_3, c_1) = e(g,g)^\eta$ (6)
If they hold, go to step 3.43; otherwise, terminate the authentication;
step 4.3, $LAG_i$ saves the tracing parameters $c_2 \| c_4 \| k$, then computes and sends the ciphertext $c = E_{k'}(r')$ to $EV_i$;
step 4.4, $EV_i$ verifies
$D_k(c) = r'$ (7)
If it holds, the authentication of $EV_i$ is complete; otherwise, the authentication is terminated.
Further, the specific process of step 5 is as follows:
step 5.1, if an EV sends a malicious report message $msg = c \| \sigma$ that passes verification, the LAG finds the parameters $c_1 \| c_4 \| k$ carrying the EV's information in the corresponding message record and submits $c_1 \| c_4$ to TA; $k$ is the shared key for communication between $LAG_i$ and $EV_i$;
step 5.2, after TA receives $c_1 \| c_4$ from the LAG, for each record $ID_i \| s_i$ in the tracking list TL it calculates and checks whether formula (8) holds:
Figure BDA0002255067990000041
if it holds, the $ID_i$ in the corresponding record $ID_i \| s_i$ is the identity of the $EV_i$ that sent the malicious message.
Compared with the prior art, the invention has the following beneficial technical effects:
(1) Compared with existing certificate-based V2G anonymous authentication schemes, the EV needs only the private key information distributed by the TA, and its processing of that information, to prove during communication that it is a legally registered EV, without using any certificate. The LAG does not use any certificate either. The invention therefore has no complex certificate update and management process.
(2) The invention satisfies forward security: when an EV with malicious behaviour is revoked, the revocation factor $\eta$ is updated, so that the malicious EV can no longer pass LAG verification while the privacy of messages sent before the revocation is not disclosed.
(3) Although neither the EV nor the LAG uses a certificate, each can verify the legitimacy of the other and establish a session key, thereby achieving mutual authentication between the EV and the LAG.
FIG. 1 is a block diagram of the process of the present invention.
Detailed Description
The present invention will now be described in further detail with reference to specific examples, which are intended to be illustrative, but not limiting, of the invention.
As shown in fig. 1, a forward secure certificateless anonymous authentication method in a V2G environment includes the following steps:
1) System initialization: this is the phase in which the TA sets the system parameters. The specific process is as follows:
The TA (Trust Authority) generates bilinear parameters $(G, G_T, g, e, q, p)$ satisfying $q \mid p-1$ ($\mid$ denotes divisibility). TA randomly selects the system parameters
Figure BDA0002255067990000051
Let $g_\eta = g^\eta$,
Figure BDA0002255067990000052
$G$ and $G_T$ are multiplicative cyclic groups of order $p$, a prime number, with $q$ its generator,
Figure BDA0002255067990000053
is the range from which the parameters are generated, called the multiplicative group, $e$ denotes the bilinear pairing operation, and $n$ is the number of limiting parameters selected, similar to degrees of freedom. $\eta$ is called the revocation factor and is used to implement forward-secure revocation; it must be updated whenever an EV is revoked. $u_i$ and $g_s$ are encrypted results used for broadcasting; $g$ is, in
Figure BDA0002255067990000054
a generator of order $q$, such that in
Figure BDA0002255067990000055
solving the discrete logarithm to base $g$ is a hard problem. $HMAC_k(x)$ is a secure message authentication code algorithm with key $k$, $H$ is a collision-resistant hash function, $E$ is a symmetric encryption algorithm, $D$ is the corresponding symmetric decryption algorithm, and $e(g,g)^\eta$ is a bilinear pairing operation. Let the public key of TA be $pk_{TA}$ and the private key be $sk_{TA}$. TA keeps $\langle a_i, \theta, sk_{TA} \rangle$ secret and publishes the system parameters $\langle G, G_T, g, e, q, p, g_s, u_i, HMAC, H, g_\eta, e(g,g)^\eta \rangle$ and $pk_{TA}$. The public parameters are stored in advance in the OBU (on-board unit) of each EV (electric vehicle) and in the LAG (local aggregator). All arithmetic operations herein are modulo $p$ unless otherwise specified.
2) LAG registration: the LAG registration process is performed in synchronization with the system initialization process and is completed before the EV performs communication authentication with the LAG. The specific process is as follows:
For a newly added $LAG_i$, TA selects a random number
Figure BDA0002255067990000056
as its private key, then calculates the private key information and sends $\alpha$, $g_\alpha = g^{s+\alpha}$,
Figure BDA0002255067990000057
to $LAG_i$ over a secure channel.
3) EV registration: an EV may enter the V2G network only after registering the relevant information with the TA. The specific steps are as follows:
Step one: $EV_i$ provides its true identity $ID_i$ (e.g. license plate number, user identification number, etc.) to the TA.
Step two: if the identity of $EV_i$ is verified, TA randomly selects a secret key
Figure BDA0002255067990000061
(the $s_i$ of all EV users are distinct) and solves for the key parameters
Figure BDA0002255067990000062
satisfying
Figure BDA0002255067990000063
Figure BDA0002255067990000064
TA stores $ID_i \| s_i$ in the tracking list TL.
Step three: TA calculates the key
Figure BDA0002255067990000065
and sends the full key $x_{i1}, \dots, x_{in}, y'_i, s_i$ to $EV_i$ over a secure channel as its private key.
4) EV authenticating LAG:
After the TA has set the parameters and both the EV and the LAG have completed registration, an EV that wants to join the V2G network must complete mutual authentication with the LAG. That is, when electric vehicle $EV_i$ enters the area of a new $LAG_i$, it first authenticates the identity of $LAG_i$.
$LAG_i$ periodically broadcasts the authentication message
Figure BDA0002255067990000066
After $EV_i$ enters the communication range of $LAG_i$, it uses the authentication message
Figure BDA0002255067990000067
to complete the authentication of $LAG_i$ by $EV_i$. The specific steps are as follows:
Step one: when $LAG_i$ broadcasts a new authentication message Auth, $LAG_i$ randomly selects secrets
Figure BDA0002255067990000068
and calculates the parameters carrying the secret information
Figure BDA0002255067990000069
Then $LAG_i$ broadcasts the message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$.
Step two: after receiving the authentication message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$ from $LAG_i$, $EV_i$ checks the parameters
$t_1 = t_2 = \dots = t_n$ (1)
If it holds, the authentication is terminated; otherwise, step three is performed.
Step three: $EV_i$ calculates and checks the parameters
$u_1 t_1 = u_2 t_2 = \dots = u_n t_n$ (2)
If it holds, the authentication is terminated; otherwise, step four is performed.
Step four: $EV_i$ calculates the parameters
Figure BDA00022550679900000610
where
Figure BDA0002255067990000071
and then checks whether formula (3) is satisfied:
$e(t'', h'_\alpha) = e(g,g)^\eta$ (3)
If it holds, the authentication is terminated; otherwise, step five is performed.
Step five: $EV_i$ randomly selects its own secrets
Figure BDA0002255067990000072
and calculates the verification parameters $c_0 = (t_0)^r$,
Figure BDA0002255067990000073
$c_4 = g^r$, $k = (t')^r$ and the signature information $\beta = HMAC_k(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$.
Step six: $EV_i$ sends the authentication message $Auth = r \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time \| \beta$ to $LAG_i$. Here time is the current system time, included to prevent replay attacks.
After the EV has authenticated the LAG, the next stage is carried out.
5) The LAG authenticates the EV: after receiving the authentication message of the EV, the LAG authenticates the EV and generates a shared key used for subsequent communication. The specific steps are as follows:
Step one: $LAG_i$ computes
Figure BDA0002255067990000074
and $\beta' = HMAC_{k'}(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$ and verifies the equation
$\beta = \beta'$ (4)
If it holds, step two is performed; otherwise, the authentication is terminated.
Step two: $LAG_i$ calculates the parameters
Figure BDA0002255067990000075
and verifies the equations
$e(g, c'_0) = e(c_4, g_s)$ (5)
$e(c'_0 c_3, c_1) = e(g,g)^\eta$ (6)
and checks whether both hold. If so, the verification succeeds and step three follows; otherwise, authentication fails and $LAG_i$ terminates the verification.
Step three: $LAG_i$ saves the tracing parameters $c_2 \| c_4 \| k$, then computes and sends the ciphertext $c = E_{k'}(r')$ to $EV_i$.
Step four: $EV_i$ verifies
$D_k(c) = r'$ (7)
If it holds, the authentication of $EV_i$ is complete; otherwise, the communication process is terminated.
At this point, the LAG has completed authentication of the EV. The two parties have authenticated each other and then communicate using $k$ as the key.
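The HMAC step of the EV's authentication message and the LAG's check of equation (4), with the time field used to reject replays, shown as an added example that is not part of the patent text. It assumes the group elements arrive as byte strings, that k and k' have already been computed by each side, that SHA-256 turns the group element into the MAC key, a 30-second freshness window, and length-prefixed framing in place of bare concatenation; all function names are hypothetical.

```python
import hashlib
import hmac
import struct

FIELDS = ("r_prime", "c0", "c1", "c2", "c3", "c4")  # order of the HMAC input
MAX_SKEW = 30   # seconds; assumed freshness window, not specified by the patent
TAG_LEN = 32    # HMAC-SHA256 output size


def mac_key(k_element: bytes) -> bytes:
    """Assumption: the serialised group element k is hashed into a MAC key."""
    return hashlib.sha256(b"v2g-auth-mac-key" + k_element).digest()


def encode_body(fields: dict, ts: int) -> bytes:
    """Length-prefix every field so r'||c0||...||c4||time parses only one way."""
    out = b"".join(struct.pack(">I", len(fields[n])) + fields[n] for n in FIELDS)
    return out + struct.pack(">Q", ts)


def ev_build_auth(fields: dict, k_element: bytes, ts: int) -> bytes:
    """EV side: beta = HMAC_k(r'||c0||c1||c2||c3||c4||time), appended to the body."""
    body = encode_body(fields, ts)
    return body + hmac.new(mac_key(k_element), body, hashlib.sha256).digest()


def decode_auth(msg: bytes):
    """Split a message into (fields, time, beta, body); ValueError if malformed."""
    if len(msg) < TAG_LEN + 8:
        raise ValueError("truncated message")
    body, beta = msg[:-TAG_LEN], msg[-TAG_LEN:]
    end = len(body) - 8          # the last 8 bytes of the body are the time field
    fields, pos = {}, 0
    for name in FIELDS:
        if pos + 4 > end:
            raise ValueError("truncated field header")
        (length,) = struct.unpack_from(">I", body, pos)
        pos += 4
        if pos + length > end:
            raise ValueError("field overruns message")
        fields[name] = body[pos:pos + length]
        pos += length
    if pos != end:
        raise ValueError("unexpected bytes before time")
    (ts,) = struct.unpack_from(">Q", body, pos)
    return fields, ts, beta, body


def lag_verify_auth(msg: bytes, k_prime_element: bytes, now: int, seen: dict) -> str:
    """LAG side: recompute beta' under k' and compare with beta (equation 4)."""
    try:
        _fields, ts, beta, body = decode_auth(msg)
    except ValueError:
        return "malformed"
    if abs(now - ts) > MAX_SKEW:
        return "stale"           # outside the window: treated as a replay
    beta_prime = hmac.new(mac_key(k_prime_element), body, hashlib.sha256).digest()
    if not hmac.compare_digest(beta, beta_prime):   # constant-time comparison
        return "bad_mac"
    # Forget tags whose messages would now be rejected as stale anyway.
    for tag in [t for t, seen_ts in seen.items() if now - seen_ts > MAX_SKEW]:
        del seen[tag]
    if beta in seen:
        return "replay"          # same message presented twice inside the window
    seen[beta] = ts
    return "ok"


# Constructed stand-ins for the group elements; not values from the patent.
SAMPLE = {n: hashlib.sha256(n.encode()).digest() for n in FIELDS}
K = b"constructed-shared-group-element"

if __name__ == "__main__":
    cache = {}
    auth = ev_build_auth(SAMPLE, K, 1_700_000_000)
    print(lag_verify_auth(auth, K, 1_700_000_005, cache))
    print(lag_verify_auth(auth, K, 1_700_000_006, cache))
```

The time field alone only bounds how long a captured message stays usable; the cache of recently seen tags is what rejects a copy replayed inside the window.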
6) Malicious EV tracking
In the running process, if the EV passing the verification sends a malicious message, the LAG can find the corresponding record, and with the assistance of the TA, the LAG can find the real information of the corresponding vehicle to realize the tracking of the malicious EV. The specific process is as follows:
Step one: if an EV sends a malicious report message $msg = c \| \sigma$ that passes verification, the LAG finds the parameters $c_2 \| c_4 \| k$ carrying the EV's information in the corresponding message record and hands $c_2 \| c_4$ over to the TA.
Step two: after TA receives $c_2 \| c_4 \| k$ sent by the LAG, for each record $ID_i \| s_i$ in the tracking list TL it calculates and checks whether formula (8)
Figure BDA0002255067990000081
holds. If it holds, the $ID_i$ in the corresponding record $ID_i \| s_i$ is the identity of the $EV_i$ that sent the malicious message.
The invention was simulated on a personal computer. The experimental hardware environment is a 64-bit Intel(R) Core(TM) i7-6700 3.40 GHz CPU with 16 GB of memory, and the software environment is Java 1.8.0_131 and Eclipse 2018-09. The running time of each basic operation is the average of 1000 runs in the experimental environment.
Computational overhead refers to the time (in ms) consumed to complete an entire run of the scheme. The computational performance of the scheme depends mainly on exponentiation and bilinear pairing operations, together with the signing and verification processes that contain them; as in most similar inventions, the influence of other operations is ignored. The time consumption statistics are as follows:
TABLE 1 computational overhead (ms) of the individual operations
Figure BDA0002255067990000082
Figure BDA0002255067990000091
$n$ is the number of parameters selected in the initialization stage. Analysis shows that $n = 3$ fully guarantees the security of the scheme, so $n = 3$ is used for convenience of analysis and comparison. The total time spent by the EV and the LAG in the authentication phase is $(2n + 13) \times T_{exp} + 6 \times T_{Pair}$, 45.86 ms in total. Compared with other schemes, while achieving the design goal and meeting the basic requirements, the method has low verification overhead, improved efficiency and obvious advantages.
The invention provides a conditionally anonymous authentication scheme for the V2G environment in which the LAG needs no certificate; while guaranteeing the anonymity of EVs and the traceability of malicious EVs, it improves the interaction efficiency of the EV and the LAG, optimizes the system overhead and protects user privacy.

Claims (6)

1. A forward secure certificateless anonymous authentication method in a V2G environment is characterized by comprising the following steps:
step 1, initializing a system and registering LAG;
step 2, EV registration: $EV_i$ provides its true identity $ID_i$ to register with the TA; if the identity of $EV_i$ is verified as correct, TA randomly selects a key
Figure FDA0002255067980000011
solves for the key parameters
Figure FDA0002255067980000012
satisfying
Figure FDA0002255067980000013
and stores $ID_i \| s_i$ in the tracking list TL; TA calculates the key
Figure FDA0002255067980000014
and sends the full key $x_{i1}, \dots, x_{in}, y'_i, s_i$ to $EV_i$ over a secure channel as its private key; $g$ is, in the multiplicative group
Figure FDA0002255067980000015
a primitive element of order $q$, $s$ is the EV master key, and $a_j$ is part of the system master key;
step 3, the EV authenticates the LAG:
step 3.1, when $LAG_i$ broadcasts a new authentication message Auth, $LAG_i$ randomly selects secrets
Figure FDA0002255067980000016
and calculates the parameters carrying the secret information
Figure FDA0002255067980000017
where $1 \le i \le n$; then $LAG_i$ broadcasts the message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$; here $g_s$ and $g_\eta$ are system parameters published during initialization, $a_i$ and $a_j$ belong to the same set of parameters and are part of the system master key, $h_\alpha$ is part of the LAG private key,
Figure FDA0002255067980000018
and $\eta$ is the revocation factor;
step 3.2, when $EV_i$ newly enters the communication area of $LAG_i$, $EV_i$ receives the authentication message Auth currently broadcast by $LAG_i$ and verifies it; if Auth is valid, step 3.3 is performed, otherwise the authentication process is terminated;
step 3.3, $EV_i$ randomly selects its own secrets
Figure FDA0002255067980000019
and calculates the verification parameters $c_0 = (t_0)^r$,
Figure FDA00022550679800000110
$c_4 = g^r$, $k = (t')^r$ and the signature information $\beta = HMAC_k(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$; $EV_i$ sends the authentication message $Auth = r \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time \| \beta$ to $LAG_i$;
step 4, after receiving the authentication message $Auth = r \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time \| \beta$ from $EV_i$, $LAG_i$ authenticates the EV and generates a shared key used for subsequent communication;
step 5, tracking the malicious EV: if an EV that has passed verification sends a malicious message, the LAG finds the corresponding record and, with the assistance of the TA, finds the real identity information of the corresponding EV.
2. The forward-secure certificateless anonymous authentication method under the V2G environment according to claim 1, wherein in step 1, the specific process of system initialization is as follows: TA generates bilinear parameters $(G, G_T, g, e, q, p)$ satisfying $q \mid p-1$, and TA randomly selects the system parameters
Figure FDA0002255067980000021
Let
Figure FDA0002255067980000022
$HMAC_k(x)$ is a secure message authentication code algorithm with key $k$, $H$ is a collision-resistant hash function, $E$ is a symmetric encryption algorithm, $D$ is the corresponding symmetric decryption algorithm, and $e(g,g)^\eta$ is a bilinear pairing operation; let the public key of TA be $pk_{TA}$ and the private key be $sk_{TA}$; TA keeps $\langle a_i, \theta, sk_{TA} \rangle$ secret and publishes the system parameters $\langle G, G_T, g, e, q, p, g_s, u_i, HMAC, H, g_\eta, e(g,g)^\eta \rangle$ and $pk_{TA}$.
3. The forward-secure certificateless anonymous authentication method under the V2G environment according to claim 1, wherein in step 1, the LAG registration procedure is as follows: for a newly added $LAG_i$, TA selects a random number
Figure FDA0002255067980000023
as its private key, then calculates the private key information and sends $\alpha$, $g_\alpha = g^{s+\alpha}$,
Figure FDA0002255067980000024
to $LAG_i$ over a secure channel.
4. The forward secure certificateless anonymous authentication method under the V2G environment according to claim 1, wherein the step 3.2 comprises the following steps:
step 3.21, after receiving the authentication message $Auth = t_0 \| t_1 \| \dots \| t_n \| h'_\alpha$ from $LAG_i$, $EV_i$ checks the parameters
$t_1 = t_2 = \dots = t_n$ (1)
If it holds, the authentication is terminated; otherwise, step 3.22 is carried out;
step 3.22, $EV_i$ calculates and checks the parameters
$u_1 t_1 = u_2 t_2 = \dots = u_n t_n$ (2)
If it holds, the authentication is terminated; otherwise, step 3.23 is carried out;
step 3.23, $EV_i$ calculates the parameters
Figure FDA0002255067980000025
where
Figure FDA0002255067980000026
and then checks whether formula (3) is satisfied:
$e(t'', h'_\alpha) = e(g,g)^\eta$ (3)
If it holds, the authentication is terminated; otherwise, step 3.3 is performed.
5. The forward secure certificateless anonymous authentication method under the V2G environment according to claim 1, wherein the step 4 comprises the following steps:
step 4.1, $LAG_i$ calculates $k' = (c_2)^R (c_3)^{\alpha(R+1)}$ and $\beta' = HMAC_{k'}(r' \| c_0 \| c_1 \| c_2 \| c_3 \| c_4 \| time)$ and verifies the equation
$\beta = \beta'$ (4)
If it holds, go to step 3.42; otherwise, terminate the authentication;
step 4.2, $LAG_i$ calculates the parameters
Figure FDA0002255067980000031
and verifies the equations
$e(g, c'_0) = e(c_4, g_s)$ (5)
$e(c'_0 c_3, c_1) = e(g,g)^\eta$ (6)
If they hold, go to step 3.43; otherwise, terminate the authentication;
step 4.3, $LAG_i$ saves the tracing parameters $c_2 \| c_4 \| k$, then computes and sends the ciphertext $c = E_{k'}(r')$ to $EV_i$;
step 4.4, $EV_i$ verifies
$D_k(c) = r'$ (7)
If it holds, the authentication of $EV_i$ is complete; otherwise, the authentication is terminated.
6. The forward-secure certificateless anonymous authentication method under the V2G environment according to claim 5, wherein the specific process of step 5 is as follows:
step 5.1, if an EV sends a malicious report message $msg = c \| \sigma$ that passes verification, the LAG finds the parameters $c_1 \| c_4 \| k$ carrying the EV's information in the corresponding message record and submits $c_1 \| c_4$ to TA; $k$ is the shared key for communication between $LAG_i$ and $EV_i$;
step 5.2, after TA receives $c_1 \| c_4$ from the LAG, for each record $ID_i \| s_i$ in the tracking list TL it calculates and checks whether formula (8) holds:
Figure FDA0002255067980000032
if it holds, the $ID_i$ in the corresponding record $ID_i \| s_i$ is the identity of the $EV_i$ that sent the malicious message.
CN201911049886.8A 2019-10-31 2019-10-31 Forward safe certificate-free anonymous authentication method under V2G environment Active CN110784472B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911049886.8A CN110784472B (en) 2019-10-31 2019-10-31 Forward safe certificate-free anonymous authentication method under V2G environment


Publications (2)

Publication Number Publication Date
CN110784472A CN110784472A (en) 2020-02-11
CN110784472B true CN110784472B (en) 2021-08-24

Family

ID=69388139


Country Status (1)

Country Link
CN (1) CN110784472B (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240318

Address after: Room 2202, 22 / F, Wantong building, No. 3002, Sungang East Road, Sungang street, Luohu District, Shenzhen City, Guangdong Province

Patentee after: Shenzhen dragon totem technology achievement transformation Co.,Ltd.

Country or region after: China

Address before: 710064 middle section, south two ring road, Shaanxi, Xi'an

Patentee before: CHANG'AN University

Country or region before: China
